Leonardo has proudly announced, at the 2018 Doha International Maritime Defence Exhibition & Conference in Qatar, that the Company’s OTO 76/62 Super Rapid (SR) naval gun has successfully ended an extensive vulnerability assessment campaign, ensuring that it will be resilient to cyber-attacks in the future.

The assessment was carried out as part of Leonardo’s commitment to ensuring its products and systems are protected against the threat of cyber-attacks from hostile actors. Continuous upgrades to the OTO 76/62 SR weapon system have made it increasingly dependent on technology that, while optimising the performance of the gun, has made the system potentially more exposed to the risk of cyber-attacks. Leonardo has, therefore, launched a comprehensive vulnerability assessment to identify potential cyber threats and implement specific countermeasures.

By challenging the technology adopted in the OTO 76/62 SR system and employing a set of best practices in conducting vulnerability assessment against cyber threats, it was possible to determine attack scenarios that could be exploited by voluntary or accidental actions. These scenarios include, but are not limited to, malware or viruses present on removable devices, behavior falling outside of the common-sense rules of cyber security.

The key component of the OTO 76/62 SR is its gun console, which manages all other parts of the weapon system. Depending upon the naval gun configuration, this could include the STRALES capability ( i.e. a targeting system for the DART highly maneuverable projectile), the VULCANO ammunition capability and, in all cases, the Multi Feeding (MF) device for automatic handling of the ammunitions. Focusing on the gun console and taking the whole weapon system into account, the assessment have allowed Leonardo to define potential weaknesses and implement all security measures that mitigate the risk associated with the identified vulnerabilities.

In addition to satisfying Leonardo’s strict security policies against cyber threats, the OTO 76/62 SR cyber security assessment also demonstrated that the weapon system meets a number of security requirements put forward by expert bodies, specifically the NIST SP800-53, ISO 15408 and ISO 27002 standards.